Описание
The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM.
EPSS
Процентиль: 20%
0.00066
Низкий
7.8 High
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 7.8
github
10 месяцев назад
The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM.
EPSS
Процентиль: 20%
0.00066
Низкий
7.8 High
CVSS3
Дефекты
CWE-284